Solved

PHP shell_exec    executing a mysql query

Posted on 2014-01-18
16
1,516 Views
Last Modified: 2014-01-19
i have a PHP script where the following shell_exec seems to return null
echo "SIMPLE MYSQL:".       shell_exec('mysql cphulkd -e "SELECT 1+1 "')  ;

i've tried various ways to find out what it's returning but it seems to be blank/null.

the plain mysql shell command
mysql cphulkd -e "SELECT 1+1 "

works fine when executed directly from linux shell.

any thoughts on debugging PHP shell_exec ?

thanks
0
Comment
Question by:willsherwood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 6
16 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39791232
It's not a matter of debugging, it's that the web server user doesn't have permissions to do that.  Your web server would have to be running 'suexec' to run that under your own user permissions.  Which would have to be in your own directory.
0
 

Author Comment

by:willsherwood
ID: 39791243
i'm running from root, with the files owned by and in grp of 'nobody'
permissions:  -rw-r--r--.

i've sandwiched the  shell_exec(mysql)  with
echo shell_exec(uptime);

and the uptime prints properly twice -- just nothing for the mysql command in between
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39791252
If you are running PHP thru a web server, you are Not running as 'root', you are probably running as 'www' which has very limited permissions on purpose.  In theory, you should be able to run that PHP script on the command line instead of thru the web server and have it work.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39791259
This page http://us1.php.net/manual/en/function.shell-exec.php says that you can use 'exec' instead to get the program error code.  Note the notes about running under Apache and seeing a blank line for a multi-line response.

Of course, the more interesting question is why aren't you accessing MySQL thru the PHP drivers?
0
 

Author Comment

by:willsherwood
ID: 39791324
the tables are internal WHM database tables with accessibility restrictions.
I'm trying to make a sort of limited API that i can call externally without security risks.
i cannot run mysql directly from PHP because i don't know (nor want to know) the authentication for the connection.

perhaps it's just not permitted to call anything related to mysql from shell_exec ?
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39791376
It's probably not allowed to run anything at all thru 'shell_exec' because it doesn't have permission.  Anything run thru 'shell_exec' is run as the user that calls it and thru the web server that would be 'www', not 'root'.
0
 
LVL 58

Expert Comment

by:Gary
ID: 39791378
Is shell_exec() enabled in php.ini and not disabled?
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39791415
No.  It's all about user permissions.  You may run as 'root' at the command line but you will never run as 'root' thru the web server.  shell_exec() probably only works completely right if you also have 'suexec' running on the server.  'suexec' allows Apache to give you user access to the command line.  However... that can still be limited by the owner / user of the directory and files.

Your example "mysql cphulkd -e "SELECT 1+1 "" must be doing some kind of auto-login because I can't do that on my system.
0
 

Author Comment

by:willsherwood
ID: 39791458
sorry if my previous reply didn't get thru or wasn't clear... from within this PHP context:
    echo shell_exec(uptime);
works fine.
fwiw, also:
    echo shell_exec(dir);
    echo shell_exec("echo '1'");
work as expected.

cphulk is a cpanel system login monitor "firewall" for login protection, and its blocks are kept in the mysql table  cphulkd   which is accessible via the shell mysql command previously shown;   it's this mysql cmd line i cannot get to execute from within the  shell_exec.
Are you saying that some shell commands have differing permissions from other commands
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39791600
It's possible.  Note that all your working examples don't change anything, they just report pretty generic information, and any user can run those commands.  The 'mysql' command line does require a login on every system that I know of.  What are you getting for a response from "mysql cphulkd -e "SELECT 1+1 ""?
0
 

Author Comment

by:willsherwood
ID: 39791628
when i execute it directly in the shell, it gives the  +----+    tabled  format
 1+1

   2

when called from php   shell_exec,    nothing.  (null, or maybe a logged/hidden error)
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 39791689
I tried this on my Ubuntu 10.04 system and got basically the same results as you have.  'uptime' and 'dir' work.  But on the command line, my 'mysql' will not accept the password from the command line, only 'interactively'.  And it definitely won't accept a login with no user or password.
0
 

Author Closing Comment

by:willsherwood
ID: 39792043
thanks for your help.
upon further inspection, indeed it was a mysql user/pw access problem
appreciate your patience and peristence
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39792459
You're welcome, glad to help.
0
 

Author Comment

by:willsherwood
ID: 39792786
it was just so curious that mysql seemed to be the only command that didn't work (that i tried).
but now we have an easy API for determining if someone is blocked via cpHulk login denial.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39792804
Yes, that did seem odd.  Even odder on my system where it wouldn't allow the password on the command line.  I know that my older MySQL on my Windows box doesn't act that way.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses how to create an extensible mechanism for linked drop downs.
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question